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Amendments «n the Specification 

m^TrepIace the paragraph on Page 1, lines 6 - 13, with the following ituuked-up replacement 
paragraph: 

-Thi^plicationis related to the applications having serial numbers 09/ sillied 

no/Att.332 entitled "Piggy-Backed Key Exchange Protocol for Providing Secure, Low-Overhead 
Browser Connections to a Server with which a Client Shares a Message Encoding Scheme", 
09 / aititlcd M/415.S27 entitled "Piggy-Backed Key Exchange Protocol for Providing 
Secure, Low-Overhead Browser Connections from a Client to a Server using a Trusted Third 
Part/', and 0 9 / untitle d MfA\SM5 entitled " Piggy-Backed Key Exchange Protocol for 
Providing Secure, Low-Overhead Browser Connections When a Server Will Not Use a Message 
Encoding Scheme Proposed by a Client", all assigned to the same assignee and filed concurrently 
herewith on October 12, 1999. 





ease replace the paragraph that begins on Page 4, line 8 and carries over to Page 5, line 4, with 
the following marked-up replacement paragraph: 

^r-ftreneh-att env ir onmen t whe it tUU it, b uu g tr amafttod between a client and server 



while passing through intermediate transcoders or gateways, data security is often a key concern. 
A cHent may need to send data to the server that is considered security-sensitive by the client or 
the server, such as when a person's credit card information is transmitted through a network for 
use by an electronic shopping application executing on the server. In addition, the content 
dispatched from the server to the client is often considered security-sensitive. A simple example 
of this situation is the same electronic shopping application just discussed, where the server may 
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tnoBk an order contaation to the client that includes the client's credit card information. 
Many other security-sensitive transmission exist, such as those that occur when using electronic 
banking, online stock trading, online bill presentment and payment, etc. The problems that may 
ensue when sensitive data is exposed to an unintended recipient, such as a computer hacker, can 
be quite serious. While gateways, and Uanscoders in particular, may be designed to modhy the 
applfcationcontent in legitimate ^^to^iH ^^ ^ ^ 
y content at the same time mustnotbe disclosed to such intermediaries. (U. S. Patent Application 
09/352,534, which is titled "Method for Transmitting Information Data from a Sender to a 
reiver via a Transfer, Method of Transcoding Information Data, Method for Receiving 
Transcoded Information Data, Sender, Transfer, and Receiver" and is assigned to the same 
assignee, defines a novel technique for use such an environment where the security-sensitive 
portions of **mMb a Hypertext l^kup^u^LHm, document are encrypted while 
leaving the remaining portions in plain text)^-^^ _ — — — — — — 



Tease replace the paragraph that begins on Page 38, Itae 19 and carries over to Page 39, lines 3 
with the following marked-up replacement paragraph: 




"Tr^example of using this optimization of the second embodiment, where the client is 

proposing a new scheme M4 using an existing scheme Ml , is shown below: 

Client -> Server: GET "page", Er^^C^arameters"), Enc^flDtClient), 
ID(Server), lD(TTP) f N(Clicn t ), T) ; N(Client), T) 

Server -> TTP: En CpCrrP)) (ID(aient), ©(Server), ID(TTP), N(Client), T) 

TTP~> Server: Enc^jODCClient), N(CKent), T) 

SerialNo. 09/415,645 -3- Docket RSW9-99-084 



.RCVDATIIM^^ 



i v r/yv PAGE 06 

01/15/2084-* 11:01 4073437587 FAX 



r 



Server ~> Client: Enc^'contenT), En Cp(cr ^(N(Sen*r)X Cert(Server) 
replace the paragraph on Page 40, fines 1 - 16, with the Mowing marked-up replacement 




- In a first aspect of this third embodiment, the request/response pair uses the novel 
technique disclosed in the U. S. Patent Application titled "Exchanging Supplemental Information 
Fields Between a Client and a Server * having serial number 09/ , which 09/415,646, 

w hich is assigned to the same assignee and which is incorporated herein by reference (hereinafter, 
the "referenced patent application"). This referenced patent application discloses use of the 
REDIRECT message of the HTTP protocol (or the equivalent message of another protocol such 
as WSP), which the server sends to a client in response to a client's request for Web content when 
the server wishes to request supplemental information for use in fulfilling the request. As 
disclosed therein, the supplemental information fields are specified in the request header of the 
REDIRECT message. For purposes of the present invention, the server specifies one or more 
security-related fields as the requested supplemental information. The novel piggy-backed key 
exchange protocol of this first aspect of the third preferred embodiment is thus shown abstractly 
by the sequence: 

Client ~> Server: GET "page", MlC^parameters", ...) 

Server --> Client: REDIRECT "page", meta-M2, ... 

Client -> Server; GET "page", M2( < *parameters>'> ..♦) 

Server --> Client: M2( u content M ? - 
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